San Francisco, CA 94105

415.395.9525

Main menu

In-App Facebook Authentication on iOS

The official Facebook iOS SDK provides an easy way for any iOS applications to authenticate against a Facebook account. If you follow this tutorial, you’ll be able to add facebook authentication in your app in less than 15 minutes. It’s that simple. Once your app has been authenticated, it will possess both access token and expiration date. These two pieces of data will be used in subsequent communication with Facebook.

From your app’s user’s perspective, this authentication process involves the following steps:

1. Put the app in the background
2a. If Facebook app is not installed on the iOS device, launch Safari and open Facebook login page.
2b. If Facebook app is installed, launch Facebook app.
3. Once user logged in, either Safari or Facebook app will launch your app.

These steps seem to be fairly straight-forward. It’s all done by authorize method:

if (!) { ; }

However, some may find it annoying to experience multiple app-switching. And worse, the only place that your code gets a chance to receive access token and expiration date information is at the app delegate:

If you have a complex app and the part that needs Facebook authentication is buried deep inside several layers of features, it may be challenging to directly pass this authentication information. These are just a few reasons to consider Facebook authentication that doesn’t involve switching of apps. Such in-app facebook authentication can be found in several popular apps, such as Flipboard and Photogene.

Fortunately, Facebook iOS SDK has already provided this type of in-app authentication. It’s just not being defined publicly. If you look at the source code, in particular Facebook.h, you’ll see the method signature for authorize:

To make an in-app authentication, you can simply call authorizeWithFBAppAuth with both parameters set to NO:

[self authorizeWithFBAppAuth:NO safariAuth:NO];

One way to modify this behavior is to subclass Facebook and override the authorize method. Another way is to directly call authorizeWithFBAppAuth. Since this is not a public method, you’ll get a compiler warning. To suppress the warning, you can call it thru performSelector:

Post navigation

4 Comments

The only problem with this approach is that it requires the user to enter their login information. If the user (like most users) has the Facebook app installed you can skip this process entirely, using the tokens and custom URLs.